Simple Route
@@ -1,2 +0,0 @@
|
||||
Order deny,allow
|
||||
Allow from All
|
||||
@@ -1,114 +0,0 @@
|
||||
openapi: 3.0.0
|
||||
info:
|
||||
title: PHP Course Exam
|
||||
version: 1.0.0
|
||||
contact:
|
||||
name: Kilian Kurt Hofmann
|
||||
email: khofmann@zedat.fu-berlin.de
|
||||
description: PHP Course (ABV FU Berlin) 2024 Exam
|
||||
paths:
|
||||
/users:
|
||||
get:
|
||||
summary: Get Users
|
||||
description: Returns all users
|
||||
parameters: []
|
||||
operationId: ""
|
||||
responses:
|
||||
"200":
|
||||
description: Default response
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: "#/components/schemas/UsersListResponse"
|
||||
"401":
|
||||
description: Not allowed
|
||||
tags:
|
||||
- Users
|
||||
security:
|
||||
- BasicAuth: []
|
||||
put:
|
||||
summary: Add User
|
||||
description: Add a new user
|
||||
parameters: []
|
||||
operationId: ""
|
||||
responses:
|
||||
"200":
|
||||
description: Default response
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: "#/components/schemas/TrueResponse"
|
||||
"401":
|
||||
description: Not allowed
|
||||
"500":
|
||||
description: Error
|
||||
tags:
|
||||
- Users
|
||||
security:
|
||||
- BasicAuth: []
|
||||
requestBody:
|
||||
required: true
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
$ref: "#/components/schemas/UserAddBody"
|
||||
externalDocs:
|
||||
url: "https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/docs/"
|
||||
security: []
|
||||
servers:
|
||||
- url: "https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/"
|
||||
description: ""
|
||||
variables: {}
|
||||
components:
|
||||
links: {}
|
||||
callbacks: {}
|
||||
schemas:
|
||||
UsersListResponse:
|
||||
type: array
|
||||
items:
|
||||
$ref: "#/components/schemas/UserType"
|
||||
UserType:
|
||||
type: object
|
||||
properties:
|
||||
ID:
|
||||
type: number
|
||||
description: User ID
|
||||
example: 1
|
||||
FirstName:
|
||||
type: string
|
||||
description: Given name of user
|
||||
example: Max
|
||||
LastName:
|
||||
type: string
|
||||
description: Family name of User
|
||||
example: Mustermann
|
||||
token:
|
||||
type: string
|
||||
description: Access Token
|
||||
format: uuid
|
||||
example: 3be6453c-03eb-4357-ae5a-984a0e574a54
|
||||
UserAddBody:
|
||||
type: object
|
||||
required:
|
||||
- FirstName
|
||||
- LastName
|
||||
properties:
|
||||
FirstName:
|
||||
type: string
|
||||
description: Given name of user
|
||||
example: Max
|
||||
LastName:
|
||||
type: string
|
||||
description: Family name of User
|
||||
example: Mustermann
|
||||
TrueResponse:
|
||||
type: boolean
|
||||
example: true
|
||||
securitySchemes:
|
||||
BasicAuth:
|
||||
type: apiKey
|
||||
name: token
|
||||
in: header
|
||||
tags:
|
||||
- name: Users
|
||||
- name: Posts
|
||||
@@ -1,10 +0,0 @@
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<link href="./index.css" rel="stylesheet" />
|
||||
|
||||
<title>API Docs</title>
|
||||
</head>
|
||||
|
||||
<body></body>
|
||||
</html>
|
||||
@@ -1,3 +0,0 @@
|
||||
<?php
|
||||
|
||||
Headers::redirect("docs/index.html");
|
||||
@@ -1,26 +0,0 @@
|
||||
<?php
|
||||
|
||||
$method = $_SERVER['REQUEST_METHOD'];
|
||||
|
||||
switch ($method) {
|
||||
case "GET":
|
||||
return get();
|
||||
default:
|
||||
return Response::api("$method not supported", 500);
|
||||
}
|
||||
|
||||
function get()
|
||||
{
|
||||
$db = Database::getInstance();
|
||||
|
||||
$query =
|
||||
"SELECT
|
||||
*
|
||||
FROM
|
||||
egb_gaestebuch";
|
||||
|
||||
$stmt = $db->prepare($query);
|
||||
$stmt->execute();
|
||||
|
||||
Response::api($stmt->fetchAll());
|
||||
}
|
||||
@@ -1,90 +0,0 @@
|
||||
<?php
|
||||
|
||||
$method = $_SERVER['REQUEST_METHOD'];
|
||||
$params = PathParams::get();
|
||||
|
||||
if (empty($params[2])) {
|
||||
return Response::api("Missing param", 500);
|
||||
}
|
||||
|
||||
switch ($method) {
|
||||
case "GET":
|
||||
if (Auth::hasPermission("read")) return get($params[2]);
|
||||
break;
|
||||
case "POST":
|
||||
if (Auth::hasPermission("write")) return post($params[2]);
|
||||
break;
|
||||
case "DELETE":
|
||||
if (Auth::hasPermission("write")) return delete($params[2]);
|
||||
break;
|
||||
default:
|
||||
return Response::api("$method not supported", 500);
|
||||
}
|
||||
|
||||
return Response::api("Not allowed", 401);
|
||||
|
||||
function get($id)
|
||||
{
|
||||
$db = Database::getInstance();
|
||||
|
||||
$query =
|
||||
"SELECT
|
||||
*
|
||||
FROM
|
||||
Users
|
||||
WHERE
|
||||
ID = :ID";
|
||||
|
||||
$stmt = $db->prepare($query);
|
||||
$stmt->bindValue(":ID", $id);
|
||||
$stmt->execute();
|
||||
|
||||
Response::api($stmt->fetchAll());
|
||||
}
|
||||
|
||||
function post($id)
|
||||
{
|
||||
|
||||
$db = Database::getInstance();
|
||||
|
||||
$query =
|
||||
"UPDATE
|
||||
Users
|
||||
SET
|
||||
FirstName = :FIRST, LastName = :LAST
|
||||
WHERE
|
||||
ID = :ID";
|
||||
|
||||
$_POST = json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
try {
|
||||
$stmt = $db->prepare($query);
|
||||
$stmt->bindValue(":FIRST", $_POST["firstName"]);
|
||||
$stmt->bindValue(":LAST", $_POST["lastName"]);
|
||||
$stmt->bindValue(":ID", $id);
|
||||
|
||||
Response::api($stmt->execute());
|
||||
} catch (Exception $e) {
|
||||
Response::api($e->getMessage(), 500);
|
||||
}
|
||||
}
|
||||
|
||||
function delete($id)
|
||||
{
|
||||
$db = Database::getInstance();
|
||||
|
||||
$query =
|
||||
"DELETE FROM
|
||||
Users
|
||||
WHERE
|
||||
ID = :ID";
|
||||
|
||||
try {
|
||||
$stmt = $db->prepare($query);
|
||||
$stmt->bindValue(":ID", $id);
|
||||
|
||||
Response::api($stmt->execute());
|
||||
} catch (Exception $e) {
|
||||
Response::api($e->getMessage(), 500);
|
||||
}
|
||||
}
|
||||
@@ -1,54 +0,0 @@
|
||||
<?php
|
||||
|
||||
$method = $_SERVER['REQUEST_METHOD'];
|
||||
|
||||
switch ($method) {
|
||||
case "GET":
|
||||
if (Auth::hasPermission("read")) return get();
|
||||
break;
|
||||
case "PUT":
|
||||
if (Auth::hasPermission("write")) return put();
|
||||
break;
|
||||
default:
|
||||
return Response::api("$method not supported", 500);
|
||||
}
|
||||
|
||||
return Response::api("Not allowed", 401);
|
||||
|
||||
function get()
|
||||
{
|
||||
$db = Database::getInstance();
|
||||
|
||||
$query =
|
||||
"SELECT
|
||||
*
|
||||
FROM
|
||||
Users";
|
||||
|
||||
$stmt = $db->prepare($query);
|
||||
$stmt->execute();
|
||||
|
||||
Response::api($stmt->fetchAll());
|
||||
}
|
||||
|
||||
function put()
|
||||
{
|
||||
$db = Database::getInstance();
|
||||
|
||||
$_PUT = json_decode(file_get_contents('php://input'), true);
|
||||
|
||||
$query =
|
||||
"INSERT INTO
|
||||
Users(FirstName, LastName, Token)
|
||||
VALUES(:FIRST, :LAST, UUID())";
|
||||
|
||||
try {
|
||||
$stmt = $db->prepare($query);
|
||||
$stmt->bindValue(":FIRST", $_PUT["firstName"]);
|
||||
$stmt->bindValue(":LAST", $_PUT["lastName"]);
|
||||
|
||||
Response::api($stmt->execute());
|
||||
} catch (Exception $e) {
|
||||
Response::api($e->getMessage(), 500);
|
||||
}
|
||||
}
|
||||