From 1da89502ee8f511ae58e831c7e7463369023becb Mon Sep 17 00:00:00 2001
From: Page Asgardius
Date: Fri, 30 Sep 2022 09:41:40 -0700
Subject: [PATCH] repo init

---
 class/Items.php | 92 ++++++++++++++++++++++++++++++
 class/Users.php | 122 ++++++++++++++++++++++++++++++++++++++++
 config/Database.php | 18 ++++++
 docs/check-example.txt | 4 ++
 docs/create-example.txt | 9 +++
 docs/delete-example.txt | 3 +
 docs/endpoints.txt | 4 ++
 docs/read-example.txt | 3 +
 items.sql | 40 +++++++++++++
 items/.htaccess | 6 ++
 items/check.php | 56 ++++++++++++++++++
 items/create.php | 42 ++++++++++++++
 items/delete.php | 31 ++++++++++
 items/read.php | 43 ++++++++++++++
 items/update.php | 42 ++++++++++++++
 users.sql | 1 +
 16 files changed, 516 insertions(+)
 create mode 100644 class/Items.php
 create mode 100644 class/Users.php
 create mode 100644 config/Database.php
 create mode 100644 docs/check-example.txt
 create mode 100644 docs/create-example.txt
 create mode 100644 docs/delete-example.txt
 create mode 100644 docs/endpoints.txt
 create mode 100644 docs/read-example.txt
 create mode 100644 items.sql
 create mode 100644 items/.htaccess
 create mode 100644 items/check.php
 create mode 100644 items/create.php
 create mode 100644 items/delete.php
 create mode 100644 items/read.php
 create mode 100644 items/update.php
 create mode 100644 users.sql

diff --git a/class/Items.php b/class/Items.php
new file mode 100644
index 0000000..b482528
--- /dev/null
+++ b/class/Items.php
@@ -0,0 +1,92 @@
+conn = $db;
+ }
+
+ function read(){
+ if($this->id) {
+ $stmt = $this->conn->prepare("SELECT * FROM ".$this->itemsTable." WHERE id = ?");
+ $stmt->bind_param("i", $this->id);
+ } else {
+ $stmt = $this->conn->prepare("SELECT * FROM ".$this->itemsTable);
+ }
+ $stmt->execute();
+ $result = $stmt->get_result();
+ return $result;
+ }
+
+ function create(){
+
+ $stmt = $this->conn->prepare("
+ INSERT INTO ".$this->itemsTable."(`name`, `description`, `price`, `category_id`, `created`)
+ VALUES(?,?,?,?,?)");
+
+ $this->name = htmlspecialchars(strip_tags($this->name));
+ $this->description = htmlspecialchars(strip_tags($this->description));
+ $this->price = htmlspecialchars(strip_tags($this->price));
+ $this->category_id = htmlspecialchars(strip_tags($this->category_id));
+ $this->created = htmlspecialchars(strip_tags($this->created));
+
+
+ $stmt->bind_param("ssiis", $this->name, $this->description, $this->price, $this->category_id, $this->created);
+
+ if($stmt->execute()){
+ return true;
+ }
+
+ return false;
+ }
+
+ function update(){
+
+ $stmt = $this->conn->prepare("
+ UPDATE ".$this->itemsTable."
+ SET name= ?, description = ?, price = ?, category_id = ?, created = ?
+ WHERE id = ?");
+
+ $this->id = htmlspecialchars(strip_tags($this->id));
+ $this->name = htmlspecialchars(strip_tags($this->name));
+ $this->description = htmlspecialchars(strip_tags($this->description));
+ $this->price = htmlspecialchars(strip_tags($this->price));
+ $this->category_id = htmlspecialchars(strip_tags($this->category_id));
+ $this->created = htmlspecialchars(strip_tags($this->created));
+
+ $stmt->bind_param("ssiisi", $this->name, $this->description, $this->price, $this->category_id, $this->created, $this->id);
+
+ if($stmt->execute()){
+ return true;
+ }
+
+ return false;
+ }
+
+ function delete(){
+
+ $stmt = $this->conn->prepare("
+ DELETE FROM ".$this->itemsTable."
+ WHERE id = ?");
+
+ $this->id = htmlspecialchars(strip_tags($this->id));
+
+ $stmt->bind_param("i", $this->id);
+
+ if($stmt->execute()){
+ return true;
+ }
+
+ return false;
+ }
+}
+?>
\ No newline at end of file
diff --git a/class/Users.php b/class/Users.php
new file mode 100644
index 0000000..29d427f
--- /dev/null
+++ b/class/Users.php
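Review bot: `create()` and `update()` run every field through `htmlspecialchars(strip_tags(...))` before `bind_param`, which stores HTML-encoded text and leaves any consumer that escapes on output (the usual place) double-encoding it, while numeric fields are silently mangled rather than rejected. The values reach MySQL only through bound parameters, so the escaping adds no SQL safety; validate instead, e.g. `if (filter_var($this->price, FILTER_VALIDATE_INT) === false) { return false; }` and the same for `category_id`, and keep HTML escaping in the output layer. `read()` with no id lists the whole table via `SELECT *`; a comment such as `// no id set: return every row` would make that intent explicit. The class header and constructor that precede `+conn = $db;` appear to have been lost in extraction, so property declarations could not be checked.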
@@ -0,0 +1,122 @@
+conn = $db;
+ }
+
+ function read(){
+ $stmt = $this->conn->prepare("SELECT * FROM ".$this->itemsTable." WHERE id = ?");
+ $stmt->bind_param("s", $this->id);
+ $stmt->execute();
+ $result = $stmt->get_result();
+ return $result;
+ }
+
+ function rcheck(){
+ $stmt = $this->conn->prepare("SELECT id, password FROM ".$this->itemsTable." WHERE id=? AND password=?");
+ $stmt->bind_param("ss", $this->id, $this->password);
+ $stmt->execute();
+ $result = $stmt->get_result();
+ return $result;
+ }
+
+ function create(){
+
+ $stmt = $this->conn->prepare("
+ INSERT INTO ".$this->itemsTable."(`id`, `firstname`, `lastname`, `email`, `password`, `country`, `birthdate`)
+ VALUES(?,?,?,?,?,?,?)");
+
+ $this->id = htmlspecialchars(strip_tags($this->id));
+ $this->firstname = htmlspecialchars(strip_tags($this->firstname));
+ $this->lastname = htmlspecialchars(strip_tags($this->lastname));
+ $this->email = htmlspecialchars(strip_tags($this->email));
+ $this->password = htmlspecialchars(strip_tags($this->password));
+ $this->country = htmlspecialchars(strip_tags($this->country));
+ $this->birthdate = htmlspecialchars(strip_tags($this->birthdate));
+
+
+ $stmt->bind_param("sssssss", $this->id, $this->firstname, $this->lastname, $this->email, $this->password, $this->country, $this->birthdate);
+
+ if($stmt->execute()){
+ return true;
+ }
+
+ return false;
+ }
+
+ function check(){
+
+ $stmt = $this->conn->prepare("
+ SELECT id, password FROM ".$this->itemsTable." WHERE id=? AND password=?");
+
+ $this->id = htmlspecialchars(strip_tags($this->id));
+ $this->password = htmlspecialchars(strip_tags($this->password));
+
+
+ $stmt->bind_param("ss", $this->id, $this->password);
+
+ if($stmt->execute()){
+ return true;
+ }
+
+ return false;
+ }
+
+ function update(){
+
+ $stmt = $this->conn->prepare("
+ UPDATE ".$this->itemsTable."
+ SET name= ?, description = ?, price = ?, category_id = ?, created = ?
+ WHERE id = ?");
+
+ $this->id = htmlspecialchars(strip_tags($this->id));
+ $this->name = htmlspecialchars(strip_tags($this->name));
+ $this->description = htmlspecialchars(strip_tags($this->description));
+ $this->price = htmlspecialchars(strip_tags($this->price));
+ $this->category_id = htmlspecialchars(strip_tags($this->category_id));
+ $this->created = htmlspecialchars(strip_tags($this->created));
+
+ $stmt->bind_param("ssiisi", $this->name, $this->description, $this->price, $this->category_id, $this->created, $this->id);
+
+ if($stmt->execute()){
+ return true;
+ }
+
+ return false;
+ }
+
+ function delete(){
+
+ $stmt = $this->conn->prepare("
+ DELETE FROM ".$this->itemsTable."
+ WHERE id = ?");
+
+ $this->id = htmlspecialchars(strip_tags($this->id));
+
+ $stmt->bind_param("s", $this->id);
+
+ if($stmt->execute()){
+ return true;
+ }
+
+ return false;
+ }
+}
+?>
\ No newline at end of file
diff --git a/config/Database.php b/config/Database.php
new file mode 100644
index 0000000..a57c79b
--- /dev/null
+++ b/config/Database.php
@@ -0,0 +1,18 @@
+host, $this->user, $this->password, $this->database);
+ if($conn->connect_error){
+ die("Error failed to connect to MySQL: " . $conn->connect_error);
+ } else {
+ return $conn;
+ }
+ }
+}
+?>
\ No newline at end of file
diff --git a/docs/check-example.txt b/docs/check-example.txt
new file mode 100644
index 0000000..08682f2
--- /dev/null
+++ b/docs/check-example.txt
@@ -0,0 +1,4 @@
+{
+"id": "hackergirl",
+"password": "test"
+}
\ No newline at end of file
diff --git a/docs/create-example.txt b/docs/create-example.txt
new file mode 100644
index 0000000..79f78b5
--- /dev/null
+++ b/docs/create-example.txt
@@ -0,0 +1,9 @@
+{
+"id": "hackergirl",
+"firstname": "Emily",
+"lastname":"Asgardius",
+"email":"hackergirl@asgardius.company",
+"password": "test",
+"country":"asteroid",
+"birthdate": "1994-02-19"
+}
\ No newline at end of file
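Review bot: `create()` writes the password to the `password` column as submitted (only `htmlspecialchars(strip_tags(...))` is applied), and `rcheck()`/`check()` authenticate by equality in the SQL `WHERE id=? AND password=?`, so credentials are stored and compared in plaintext. Hash at write time, `$this->password = password_hash($this->password, PASSWORD_DEFAULT);` in place of the escaping line in `create()`, then fetch by id only and verify in PHP with `password_verify()`; a rewritten `check()` is below (`rcheck()` needs the same treatment, and the endpoint that reads its `mysqli_result` would then take a bool). Note that `check()` currently returns `true` whenever `execute()` succeeds, whether or not a row matched, and that `rcheck()` skips the escaping `create()` and `check()` apply, so a password containing `&`, `<` or `>` can never match through it. `update()` still names the Items columns (`name`, `description`, `price`, `category_id`, `created`), which the users table in this commit does not have, so its `prepare()` returns `false` and the following `bind_param()` is a fatal error. The class header before `+conn = $db;` seems lost in extraction, so the value of `$itemsTable` is inferred.
```php
 function check(){
 // look the user up by id only; the secret never takes part in the query
 $stmt = $this->conn->prepare("SELECT password FROM ".$this->itemsTable." WHERE id=?");
 $stmt->bind_param("s", $this->id);
 $stmt->execute();
 $row = $stmt->get_result()->fetch_assoc();
 // password_verify() is constant-time and checks against the password_hash() value stored by create()
 return $row !== null && password_verify($this->password, $row['password']);
 }
```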
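Review bot: The `die("Error failed to connect to MySQL: " . $conn->connect_error)` branch in `config/Database.php` prints the driver's error text straight into the HTTP response, with whatever status is already set (200 by default), which hands infrastructure detail to whoever called the endpoint. Log it server-side and fail generically instead: `error_log('MySQL connect failed: ' . $conn->connect_error); http_response_code(500); exit;`. The connection parameters `$this->host`, `$this->user`, `$this->password` and `$this->database` are declared above the first line of this hunk, which appears truncated in extraction, so I cannot see whether they are hard-coded; if they are, they belong in configuration kept outside the web root.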
diff --git a/docs/delete-example.txt b/docs/delete-example.txt
new file mode 100644
index 0000000..1fd4082
--- /dev/null
+++ b/docs/delete-example.txt
@@ -0,0 +1,3 @@
+{
+"id": "hackergirl"
+}
\ No newline at end of file
diff --git a/docs/endpoints.txt b/docs/endpoints.txt
new file mode 100644
index 0000000..c1e0e83
--- /dev/null
+++ b/docs/endpoints.txt
@@ -0,0 +1,4 @@
+items/create.php
+items/check.php
+items/delete.php
+items/read.php
\ No newline at end of file
diff --git a/docs/read-example.txt b/docs/read-example.txt
new file mode 100644
index 0000000..1fd4082
--- /dev/null
+++ b/docs/read-example.txt
@@ -0,0 +1,3 @@
+{
+"id": "hackergirl"
+}
\ No newline at end of file
diff --git a/items.sql b/items.sql
new file mode 100644
index 0000000..2f373c9
--- /dev/null
+++ b/items.sql
@@ -0,0 +1,40 @@
+
+
+CREATE TABLE `items` (
+ `id` int(11) NOT NULL,
+ `name` varchar(256) NOT NULL,
+ `description` text NOT NULL,
+ `price` int(255) NOT NULL,
+ `category_id` int(11) NOT NULL,
+ `created` datetime NOT NULL,
+ `modified` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP
+) ENGINE=MyISAM DEFAULT CHARSET=utf8;
+
+
+INSERT INTO `items` (`id`, `name`, `description`, `price`, `category_id`, `created`, `modified`) VALUES
+(1, 'LG P880 4X HD', 'My first awesome phone!', 336, 3, '2014-06-01 01:12:26', '2014-05-31 17:42:26'),
+(2, 'Google Nexus 4', 'The most awesome phone of 2013!', 299, 2, '2014-06-01 01:12:26', '2014-05-31 17:42:26'),
+(3, 'Samsung Galaxy S4', 'How about no?', 600, 3, '2014-06-01 01:12:26', '2014-05-31 17:42:26'),
+(6, 'Bench Shirt', 'The best shirt!', 29, 1, '2014-06-01 01:12:26', '2014-05-31 02:42:21'),
+(7, 'Lenovo Laptop', 'My business partner.', 399, 2, '2014-06-01 01:13:45', '2014-05-31 02:43:39'),
+(8, 'Samsung Galaxy Tab 10.1', 'Good tablet.', 259, 2, '2014-06-01 01:14:13', '2014-05-31 02:44:08'),
+(9, 'Spalding Watch', 'My sports watch.', 199, 1, '2014-06-01 01:18:36', '2014-05-31 02:48:31'),
+(10, 'Sony Smart Watch', 'The coolest smart watch!', 300, 2, '2014-06-06 17:10:01', '2014-06-05 18:39:51'),
+(11, 'Huawei Y300', 'For testing purposes.', 100, 2, '2014-06-06 17:11:04', '2014-06-05 18:40:54'),
+(12, 'Abercrombie Lake Arnold Shirt', 'Perfect as gift!', 60, 1, '2014-06-06 17:12:21', '2014-06-05 18:42:11'),
+(13, 'Abercrombie Allen Brook Shirt', 'Cool red shirt!', 70, 1, '2014-06-06 17:12:59', '2014-06-05 18:42:49'),
+(26, 'Another product', 'Awesome product!', 555, 2, '2014-11-22 19:07:34', '2014-11-21 21:37:34'),
+(28, 'Wallet', 'You can absolutely use this one!', 799, 6, '2014-12-04 21:12:03', '2014-12-03 23:42:03'),
+(31, 'Amanda Waller Shirt', 'New awesome shirt!', 333, 1, '2014-12-13 00:52:54', '2014-12-12 03:22:54'),
+(42, 'Nike Shoes for Men', 'Nike Shoes', 12999, 3, '2015-12-12 06:47:08', '2015-12-12 07:17:08'),
+(48, 'Bristol Shoes', 'Awesome shoes.', 999, 5, '2016-01-08 06:36:37', '2016-01-08 07:06:37'),
+(60, 'Rolex Watch', 'Luxury watch.', 25000, 1, '2016-01-11 15:46:02', '2016-01-11 16:16:02');
+
+
+ALTER TABLE `items`
+ ADD PRIMARY KEY (`id`);
+
+
+ALTER TABLE `items`
+ MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=61;
+
diff --git a/items/.htaccess b/items/.htaccess
new file mode 100644
index 0000000..7af3914
--- /dev/null
+++ b/items/.htaccess
@@ -0,0 +1,6 @@
+RewriteEngine On # Turn on the rewriting engine
+RewriteRule ^read$ read.php [NC,L]
+RewriteRule ^read/([0-9_-]*)$ read.php?id=$1 [NC,L]
+RewriteRule ^create$ create.php [NC,L]
+RewriteRule ^update$ update.php [NC,L]
+RewriteRule ^delete$ delete.php [NC,L]
\ No newline at end of file
diff --git a/items/check.php b/items/check.php
new file mode 100644
index 0000000..b15d3ce
--- /dev/null
+++ b/items/check.php
@@ -0,0 +1,56 @@
+getConnection();
+
+$islogincorrect = false;
+
+$items = new Users($db);
+
+$data = json_decode(file_get_contents("php://input"));
+
+if(!empty($data->id) &&
+!empty($data->password)){
+ $items->id = $data->id;
+ $items->password = $data->password;
+}
+
+//$items->id = (isset($_GET['id']) && $_GET['id']) ? $_GET['id'] : '0';
+
+$result = $items->rcheck();
+
+if($result->num_rows > 0){
+ $itemRecords=array();
+ $itemRecords["items"]=array();
+ while ($item = $result->fetch_assoc()) {
+ extract($item);
+ $itemDetails=array(
+ "id" => $id,
+ "password" => $password
+ );
+ if($data->id == $id && $data->password == $password) {
+ $islogincorrect = true;
+ }
+ array_push($itemRecords["items"], $itemDetails);
+ }
+ http_response_code(200);
+ //echo json_encode($itemRecords);
+}
+
+if(!empty($data->id) &&
+!empty($data->password) && $islogincorrect){
+ http_response_code(201);
+ echo json_encode(array("message" => "Password is correct."));
+}else{
+ http_response_code(403);
+ echo json_encode(array("message" => "Invalid credentials."));
+}
+?>
\ No newline at end of file
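Review bot: `RewriteEngine On # Turn on the rewriting engine` in `items/.htaccess` puts a comment on the same line as the directive; Apache does not accept trailing comments, so the extra words are parsed as arguments and the whole directory answers 500 until the comment moves to its own line (`# Turn on the rewriting engine` above `RewriteEngine On`). The `^read/([0-9_-]*)$` rule hands the id over as `read.php?id=$1`, but `read.php` in this commit reads only the JSON body (its `$_GET['id']` line is commented out), so that path parameter is silently ignored. There is also no rule for `check.php` although `docs/endpoints.txt` lists it; either add `RewriteRule ^check$ check.php [NC,L]` or drop it from the docs.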
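Review bot: `if($data->id == $id && $data->password == $password)` in `items/check.php` compares the submitted credentials with loose `==`, under which numeric strings compare as numbers (`'1e3' == '1000'` is `true`); use `===` for the id and `hash_equals((string) $password, (string) $data->password)` for the secret. The comparison also duplicates the `WHERE id=? AND password=?` that `rcheck()` already executed, and the row is unpacked with `extract($item)`, which turns every result column into a local variable and will shadow script variables if the table ever gains a matching column; read `$item['id']` and `$item['password']` directly. A successful check answers `201 Created`, which does not fit a read-only verification; `200` does. The commented-out `echo json_encode($itemRecords)` would, if ever re-enabled, return the stored password value to the caller, so `$itemRecords` is better removed than left for later.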
diff --git a/items/create.php b/items/create.php
new file mode 100644
index 0000000..a7a13c0
--- /dev/null
+++ b/items/create.php
@@ -0,0 +1,42 @@
+getConnection();
+
+$items = new Users($db);
+
+$data = json_decode(file_get_contents("php://input"));
+
+if(!empty($data->id) && !empty($data->firstname) &&
+!empty($data->lastname) && !empty($data->email) &&
+!empty($data->password) && !empty($data->country) &&
+!empty($data->birthdate)){
+
+ $items->id = $data->id;
+ $items->firstname = $data->firstname;
+ $items->lastname = $data->lastname;
+ $items->email = $data->email;
+ $items->password = $data->password;
+ $items->country = $data->country;
+ $items->birthdate = $data->birthdate;
+
+ if($items->create()){
+ http_response_code(201);
+ echo json_encode(array("message" => "Item was created."));
+ } else{
+ http_response_code(503);
+ echo json_encode(array("message" => "Unable to create item."));
+ }
+}else{
+ http_response_code(400);
+ echo json_encode(array("message" => "Unable to create item. Data is incomplete."));
+}
+?>
\ No newline at end of file
diff --git a/items/delete.php b/items/delete.php
new file mode 100644
index 0000000..dbfb73e
--- /dev/null
+++ b/items/delete.php
@@ -0,0 +1,31 @@
+getConnection();
+
+$items = new Users($db);
+
+$data = json_decode(file_get_contents("php://input"));
+
+if(!empty($data->id)) {
+ $items->id = $data->id;
+ if($items->delete()){
+ http_response_code(200);
+ echo json_encode(array("message" => "Item was deleted."));
+ } else {
+ http_response_code(503);
+ echo json_encode(array("message" => "Unable to delete item."));
+ }
+} else {
+ http_response_code(400);
+ echo json_encode(array("message" => "Unable to delete items. Data is incomplete."));
+}
+?>
\ No newline at end of file
diff --git a/items/read.php b/items/read.php
new file mode 100644
index 0000000..503942b
--- /dev/null
+++ b/items/read.php
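Review bot: The completeness check in `items/create.php` uses `!empty()` on every field, and `empty('0')` is `true`, so a user whose `id`, `country` or `password` is the single character `0` is rejected as incomplete; test `isset($data->field) && $data->field !== ''` instead. When `create()` returns `false` the script answers `503 Service Unavailable`, yet the most likely cause is a duplicate `id` (the users table in this commit carries `UNIQUE KEY id`), which is a client error and deserves `409` or `400`; `$db->errno` lets the two cases be told apart. The messages `"Item was created."` and `"Unable to create item."` were carried over from the items endpoint and describe a user record here. The `header()`/`include` preamble before `+getConnection();` appears to have been lost in extraction.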
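Review bot: `$items->delete()` in `items/delete.php` removes whichever user id arrives in the JSON body, and nothing on this endpoint checks that the caller is allowed to act on that account, so the deletion needs to be gated on a verified session or credential for the same id before `$items->id = $data->id` is reached. `Users::delete()` returns `true` whenever the statement executes, so an id that matches no row still yields `200 "Item was deleted."`; check `$db->affected_rows` after the call and answer `404` when it is zero. The message text again says "item" for a user record.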
@@ -0,0 +1,43 @@
+getConnection();
+
+$items = new Users($db);
+
+//$items->id = (isset($_GET['id']) && $_GET['id']) ? $_GET['id'] : '0';
+$data = json_decode(file_get_contents("php://input"));
+if(!empty($data->id)) {
+ $items->id = $data->id;
+}
+$result = $items->read();
+
+if($result->num_rows > 0){
+ $itemRecords=array();
+ $itemRecords["items"]=array();
+ while ($item = $result->fetch_assoc()) {
+ extract($item);
+ $itemDetails=array(
+ "id" => $id,
+ "firstname" => $firstname,
+ "lastname" => $lastname,
+ "email" => $email,
+ "password" => $password,
+ "country" => $country,
+ "birthdate" => $birthdate
+ );
+ array_push($itemRecords["items"], $itemDetails);
+ }
+ http_response_code(200);
+ echo json_encode($itemRecords);
+}else{
+ http_response_code(404);
+ echo json_encode(
+ array("message" => "No item found.")
+ );
+}
\ No newline at end of file
diff --git a/items/update.php b/items/update.php
new file mode 100644
index 0000000..c894d55
--- /dev/null
+++ b/items/update.php
@@ -0,0 +1,42 @@
+getConnection();
+
+$items = new Items($db);
+
+$data = json_decode(file_get_contents("php://input"));
+
+if(!empty($data->id) && !empty($data->name) &&
+!empty($data->description) && !empty($data->price) &&
+!empty($data->category_id)){
+
+ $items->id = $data->id;
+ $items->name = $data->name;
+ $items->description = $data->description;
+ $items->price = $data->price;
+ $items->category_id = $data->category_id;
+ $items->created = date('Y-m-d H:i:s');
+
+
+ if($items->update()){
+ http_response_code(200);
+ echo json_encode(array("message" => "Item was updated."));
+ }else{
+ http_response_code(503);
+ echo json_encode(array("message" => "Unable to update items."));
+ }
+
+} else {
+ http_response_code(400);
+ echo json_encode(array("message" => "Unable to update items. Data is incomplete."));
+}
+?>
\ No newline at end of file
diff --git a/users.sql b/users.sql
new file mode 100644
index 0000000..35dc3cb
--- /dev/null
+++ b/users.sql
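Review bot: The response assembled in the `while` loop of `items/read.php` includes `"password" => $password`, so every lookup returns the stored password value (plaintext in this commit, a hash once it is hashed) to a caller that has not authenticated; drop that key from `$itemDetails` and have the query select only the columns this endpoint exposes. `extract($item)` creates a local variable per result column, which shadows script variables if the schema ever changes; reading `$item['id']` and the other fields directly is safer and keeps the field list explicit. With no `id` in the body, `Users::read()` binds `null` and finds nothing, so the `404 "No item found."` branch is the only outcome for a bare request; if a list is intended, the class needs the no-id branch `Items::read()` has, and if not, the missing id should be a `400`.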
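Review bot: `items/update.php` instantiates `Items` while every other script in this directory works on `Users`, so it is unclear whether the items table or the users table is meant; if users are intended, `Users::update()` in this commit still binds item columns and fails at `prepare()`. `$items->created = date('Y-m-d H:i:s')` overwrites the row's creation timestamp on every update and loses the original value; the items schema already has a `modified` column for this purpose (it would need `ON UPDATE CURRENT_TIMESTAMP` to track edits automatically), so leave `created` out of the `SET` list. `!empty($data->price)` also rejects a legitimate price of `0`; use `isset()`.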
@@ -0,0 +1 @@
+CREATE TABLE `users` ( `id` varchar(15) NOT NULL, `firstname` varchar(30) NOT NULL, `lastname` varchar(30) NOT NULL, `email` varchar(30) NOT NULL, `password` varchar(30) NOT NULL, `country` varchar(30) NOT NULL, `birthdate` date NOT NULL, UNIQUE KEY `id` (`id`) );
\ No newline at end of file
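Review bot: `password varchar(30)` cannot hold the output of `password_hash()` (60 characters for bcrypt, longer for Argon2), so the hashing this column should be expecting would be truncated or rejected depending on the server's SQL mode; declare it `varchar(255)`. The table has `UNIQUE KEY id` but no `PRIMARY KEY`, and `email varchar(30)` is shorter than many real addresses. There is also no column matching the `name`, `description`, `price`, `category_id` or `created` fields that `Users::update()` in `class/Users.php` tries to set, so that method cannot work against this schema.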