Kilian/PHP-Course
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
PHP-Course/exam/api/users/index.php

109 lines
2.0 KiB
PHP
Raw Blame History

<?php
$method = $_SERVER['REQUEST_METHOD'];
switch ($method) {
case "GET":
if (Auth::hasPermission("read")) return get();
break;
case "PUT":
if (Auth::hasPermission("write")) return put();
break;
case "POST":
if (Auth::hasPermission("write")) return post();
break;
case "DELETE":
if (Auth::hasPermission("write")) return delete();
break;
default:
return Response::api("$method not supported", 500);
}
return Response::api("Not allowed", 401);
function get()
{
$db = Database::getInstance();
$query =
"SELECT
*
FROM
Users";
$stmt = $db->prepare($query);
$stmt->execute();
Response::api($stmt->fetchAll());
}
function put()
{
$db = Database::getInstance();
$_PUT = json_decode(file_get_contents('php://input'), true);
$query =
"INSERT INTO
Users(FirstName, LastName, Token)
VALUES(:FIRST, :LAST, UUID())";
try {
$stmt = $db->prepare($query);
$stmt->bindValue(":FIRST", $_PUT["firstName"]);
$stmt->bindValue(":LAST", $_PUT["lastName"]);
Response::api($stmt->execute());
} catch (Exception $e) {
Response::api($e->getMessage(), 500);
}
}
function post()
{
$db = Database::getInstance();
$query =
"UPDATE
Users
SET
FirstName = :FIRST, LastName = :LAST
WHERE
ID = :ID";
$_POST = json_decode(file_get_contents('php://input'), true);
try {
$stmt = $db->prepare($query);
$stmt->bindValue(":FIRST", $_POST["firstName"]);
$stmt->bindValue(":LAST", $_POST["lastName"]);
$stmt->bindValue(":ID", $_POST["ID"]);
Response::api($stmt->execute());
} catch (Exception $e) {
Response::api($e->getMessage(), 500);
}
}
function delete()
{
$db = Database::getInstance();
$_DELETE = json_decode(file_get_contents('php://input'), true);
$query =
"DELETE FROM
Users
WHERE
ID = :ID";
try {
$stmt = $db->prepare($query);
$stmt->bindValue(":ID", $_DELETE["ID"]);
Response::api($stmt->execute());
} catch (Exception $e) {
Response::api($e->getMessage(), 500);
}
}
Reference in New Issue View Git Blame Copy Permalink